Your area of responsibility

Information Security

• Maintain the ISMS, risk register, controls, and policies.
• Lead risk assessments, control testing, corrective actions, and reviews. 

Security Operations

• Coordinate with outsourced SOC/CISO for effective monitoring and incident response.
• Run tabletop exercises, post‑incident reviews, and maintain the IR plan.

Platform Security (Microsoft)

• Operate and improve security across Defender, Entra ID, Intune, Purview, Sentinel, and M365.
• Manage conditional access, MFA, PIM, endpoint baselines, and secure configurations.
• Run a risk‑based vulnerability and patch program and track remediation with providers. 

Third‑Party Risk & Data Protection

• Lead vendor due diligence, DPAs, and ongoing monitoring aligned to outsourcing procedures.
• Implement data classification, retention, and DLP; support privacy‑by‑design and coordinate with external DPO 

Audit, Compliance, Training & Reporting

• Support audits and regulatory reviews; deliver security awareness training and simulation campaigns.
• Maintain evidence, procedures, runbooks, and monthly security dashboards.

Your skills and experience

• 5+ years in information security.
• Experience running an ISMS (aligned with ISO/IEC 27001), including risk & controls management.
• Incident response coordination and BCP/DR familiarity.
• Exposure to regulated environments (financial services preferred) and vendor assurance.
• Strong written/spoken English; German is a plus.
• Hands on with Microsoft 365 (E5)/Azure security stack: Entra ID (CA, PIM), Intune, Defender, Purview, Sentinel.
• ISO 27001 Lead Implementer/Lead Auditor, CISM, CISSP, CCSK/CCSP, Microsoft Security certs (SC‑200/300/400, AZ‑500).
• Experience with DORA, FINMA requirements, and CSSF guidelines for AIFMs.
• Exposure to SOC 2, NIST CSF, or CIS Controls.
• Practical knowledge of privacy (GDPR), working with a DPO.
• Scripting/automation (PowerShell, KQL, Graph API) for policy enforcement and evidence collection.
• Familiarity with Snowflake and data platform controls (row-level security, key management).

What we offer

You will shape the future of our information security, work on innovative projects in a small team in a dynamic environment. We provide professional development opportunities, including training and certification of technical skills, and a hybrid work environment. 

Contact

careers@energy-infrastructure-partners.com 

How to apply

If you are ready to make a significant impact in the energy infrastructure sector and grow your career with EIP, we encourage you to apply. Join us in shaping the future of energy investments. 
  
 Click “apply for this position” below to start the application process.    
 
 Please note that we do not accept any application documents via (e-)mail (including direct applications via LinkedIn or similar platforms) due to our data protection guidelines. Only applications submitted via our job platform will be considered.  

About us

We offer an exciting position at Energy Infrastructure Partners (EIP), an investment boutique specialized in private equity investments in the energy infrastructure sector, from wind farms to electricity grids. EIP is growing rapidly and looking for new talent to support with expanding its focus to global investment activities. With EIP you will enjoy working in an empowering environment based on the latest available technology.